rfc2433.txt

gnu 的radius服务器很好用的

      PasswordHashEncryptedWithBlock( PasswordHash,
                                      Challenge,
                                      giving Cypher )
   }


A.11 NewPasswordEncryptedWithOldNtPasswordHash()

   datatype-PWBLOCK
   {
      256-unicode-char Password
      4-octets         PasswordLength
   }

   NewPasswordEncryptedWithOldNtPasswordHash(
   IN  0-to-256-unicode-char NewPassword,
   IN  0-to-256-unicode-char OldPassword,
   OUT datatype-PWBLOCK      EncryptedPwBlock )
   {
      NtPasswordHash( OldPassword, giving PasswordHash )

      EncryptPwBlockWithPasswordHash( NewPassword,
                                      PasswordHash,
                                      giving EncryptedPwBlock )
   }


A.12 EncryptPwBlockWithPasswordHash()

   EncryptPwBlockWithPasswordHash(
   IN  0-to-256-unicode-char Password,
   IN  16-octet              PasswordHash,



Zorn & Cobb                  Informational                     [Page 14]

RFC 2433             Microsoft PPP CHAP Extensions         Ocotober 1998


   OUT datatype-PWBLOCK      PwBlock )
   {

      Fill ClearPwBlock with random octet values
      PwSize = lstrlenW( Password ) * sizeof( unicode-char )
      PwOffset = sizeof( ClearPwBlock.Password ) - PwSize
      Move PwSize octets to (ClearPwBlock.Password + PwOffset ) from Password
      ClearPwBlock.PasswordLength = PwSize
      Rc4Encrypt( ClearPwBlock,
                  sizeof( ClearPwBlock ),
                  PasswordHash,
                  sizeof( PasswordHash ),
                  giving PwBlock )
   }


A.13 Rc4Encrypt()

   Rc4Encrypt(
   IN  x-octet Clear,
   IN  integer ClearLength,
   IN  y-octet Key,
   IN  integer KeyLength,
   OUT x-octet Cypher )
   {
      /*
       * Use the RC4 encryption algorithm [6] to encrypt Clear of
       * length ClearLength octets into a Cypher of the same length
       * such that the Cypher can only be decrypted back to Clear
       * by providing a Key of length KeyLength octets.
       */
   }


A.14 OldNtPasswordHashEncryptedWithNewNtPasswordHash()

   OldNtPasswordHashEncryptedWithNewNtPasswordHash(
   IN  0-to-256-unicode-char NewPassword,
   IN  0-to-256-unicode-char OldPassword,
   OUT 16-octet              EncryptedPasswordHash )
   {
      NtPasswordHash( OldPassword, giving OldPasswordHash )
      NtPasswordHash( NewPassword, giving NewPasswordHash )
      NtPasswordHashEncryptedWithBlock( OldPasswordHash,
                                        NewPasswordHash,
                                        giving EncryptedPasswordHash )
   }




Zorn & Cobb                  Informational                     [Page 15]

RFC 2433             Microsoft PPP CHAP Extensions         Ocotober 1998


A.15 NewPasswordEncryptedWithOldLmPasswordHash()

   NewPasswordEncryptedWithOldLmPasswordHash(
   IN  0-to-256-unicode-char NewPassword,
   IN  0-to-256-unicode-char OldPassword,
   OUT datatype-PWBLOCK      EncryptedPwBlock )
   {
      LmPasswordHash( OldPassword, giving PasswordHash )

      EncryptPwBlockWithPasswordHash( NewPassword, PasswordHash,
                                      giving EncryptedPwBlock )
   }


A.16 OldLmPasswordHashEncryptedWithNewNtPasswordHash()

   OldLmPasswordHashEncryptedWithNewNtPasswordHash(
   IN  0-to-256-unicode-char NewPassword,
   IN  0-to-256-unicode-char OldPassword,
   OUT 16-octet              EncryptedPasswordHash )
   {
      LmPasswordHash( OldPassword, giving OldPasswordHash )

      NtPasswordHash( NewPassword, giving NewPasswordHash )

      NtPasswordHashEncryptedWithBlock( OldPasswordHash, NewPasswordHash,
                                      giving EncrytptedPasswordHash )
   }


A.17 NtPasswordHashEncryptedWithBlock()

   NtPasswordHashEncryptedWithBlock(
   IN  16-octet PasswordHash,
   IN  16-octet Block,
   OUT 16-octet Cypher )
   {
      DesEncrypt( 1st 8-octets PasswordHash,
                  1st 7-octets Block,
                  giving 1st 8-octets Cypher )

      DesEncrypt( 2nd 8-octets PasswordHash,
                  2nd 7-octets Block,
                  giving 2nd 8-octets Cypher )
   }






Zorn & Cobb                  Informational                     [Page 16]

RFC 2433             Microsoft PPP CHAP Extensions         Ocotober 1998


Appendix B - Examples

B.1 Negotiation Examples

   Here are some examples of typical negotiations.  The peer is on the
   left and the authenticator is on the right.

   The packet sequence ID is incremented on each authentication retry
   Response and on the change password response.  All cases where the
   packet sequence ID is updated are noted below.

   Response retry is never allowed after Change Password.  Change
   Password may occur after Response retry.  The implied challenge form
   is shown in the examples, though all cases of "first challenge+23"
   should be replaced by the "C=cccccccccccccccc" challenge if
   authenticator supplies it in the Failure packet.

B.1.1 Successful authentication

            <- Challenge
        Response ->
            <- Success


B.1.2 Failed authentication with no retry allowed

            <- Challenge
        Response ->
            <- Failure (E=691 R=0)


B.1.3 Successful authentication after retry

            <- Challenge
        Response ->
            <- Failure (E=691 R=1), disable short timeout
        Response (++ID) to first challenge+23 ->
            <- Success


B.1.4 Failed hack attack with 3 attempts allowed

            <- Challenge
        Response ->
            <- Failure (E=691 R=1), disable short timeout
        Response (++ID) to first challenge+23 ->
            <- Failure (E=691 R=1), disable short timeout
        Response (++ID) to first challenge+23+23 ->



Zorn & Cobb                  Informational                     [Page 17]

RFC 2433             Microsoft PPP CHAP Extensions         Ocotober 1998


            <- Failure (E=691 R=0)


B.1.5 Successful authentication with password change

            <- Challenge
        Response ->
            <- Failure (E=648 R=0 V=2), disable short timeout
        ChangePassword (++ID) to first challenge ->
            <- Success


B.1.6 Successful authentication with retry and password change

            <- Challenge
        Response ->
            <- Failure (E=691 R=1), disable short timeout
        Response (++ID) to first challenge+23 ->
            <- Failure (E=648 R=0 V=2), disable short timeout
        ChangePassword (++ID) to first challenge+23 ->
            <- Success

B.2 Hash Example

Intermediate values for password "MyPw".

   8-octet Challenge:
   10 2D B5 DF 08 5D 30 41

   0-to-256-unicode-char NtPassword:
   4D 00 79 00 50 00 77 00

   16-octet NtPasswordHash:
   FC 15 6A F7 ED CD 6C 0E DD E3 33 7D 42 7F 4E AC

   24-octet NtChallengeResponse:
   4E 9D 3C 8F 9C FD 38 5D 5B F4 D3 24 67 91 95 6C
   A4 C3 51 AB 40 9A 3D 61

B.3 Example of DES Key Generation

DES uses 56-bit keys, expanded to 64 bits by the insertion of parity
bits.  After the parity of the key has been fixed, every eighth bit is a
parity bit and the number of bits that are set (1) in each octet is odd;
i.e., odd parity.  Note that many DES engines do not check parity,
however, simply stripping the parity bits.  The following example
illustrates the values resulting from the use of the 16-octet
NTPasswordHash shown in Appendix B.2 to generate a pair of DES keys



Zorn & Cobb                  Informational                     [Page 18]

RFC 2433             Microsoft PPP CHAP Extensions         Ocotober 1998


(e.g., for use in the NtPasswordHashEncryptedWithBlock() described in
Appendix A.17).

   16-octet NtPasswordHash:
   FC 15 6A F7 ED CD 6C 0E DD E3 33 7D 42 7F 4E AC

   First "raw" DES key (initial 7 octets of password hash):
   FC 15 6A F7 ED CD 6C

   First parity-corrected DES key (eight octets):
   FD 0B 5B 5E 7F 6E 34 D9

   Second "raw" DES key (second 7 octets of password hash)
   0E DD E3 33 7D 42 7F

   Second parity-corrected DES key (eight octets):
   0E 6E 79 67 37 EA 08 FE


































Zorn & Cobb                  Informational                     [Page 19]

RFC 2433             Microsoft PPP CHAP Extensions         Ocotober 1998


Full Copyright Statement

   Copyright (C) The Internet Society (1998).  All Rights Reserved.

   This document and translations of it may be copied and furnished to
   others, and derivative works that comment on or otherwise explain it
   or assist in its implementation may be prepared, copied, published
   and distributed, in whole or in part, without restriction of any
   kind, provided that the above copyright notice and this paragraph are
   included on all such copies and derivative works.  However, this
   document itself may not be modified in any way, such as by removing
   the copyright notice or references to the Internet Society or other
   Internet organizations, except as needed for the purpose of
   developing Internet standards in which case the procedures for
   copyrights defined in the Internet Standards process must be
   followed, or as required to translate it into languages other than
   English.

   The limited permissions granted above are perpetual and will not be
   revoked by the Internet Society or its successors or assigns.

   This document and the information contained herein is provided on an
   "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING
   TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING
   BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION
   HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF
   MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
























Zorn & Cobb                  Informational                     [Page 20]